How to implement Riskwatch Solutions. Implementation - RiskWatch

RiskWatch Implementation

Where to Start?

RiskWatch products are Software as a Service, cloud-based solutions that are purchased right here on our website following the four simple steps below.

Sign up for instant access to a free trial

*Professional email address to activate trial

Step 1

Start for Free


Our software is free to use – no payment information is required. Once you’ve met your limit of free assessments, extend your use by purchasing licenses based on the number of Users or the number of Areas you will be assessing.




Step 2

Purchase Licenses


How Many Users? Our Pricing is based on how many user accounts you will have or how many areas you will be assessing. Each User or Area to be assessed requires 1 license. An Area is anything that is the target of an assessment, such as a facility, supplier, client, etc. We provide quantity discounts on licenses.

Step 3

Select Content


Select your content libraries. This will be  relevant to the type of assessment you’re performing, such as using our HIPAA library in a hospital security assessment or our ASIS library in a vendor physical security assessment. You can also upload any of your own content.


Step 4

Configure and Assess


Create specific users and assets. Once user accounts and assets are created, you can create/begin assessments. Do a preliminary assessment to see where risk lies and then create a custom report to see the data gathered from the assessment.



RiskWatch Workflow

Stage 1 - Relevant asset or scope data (Organizational information, Criticality, Consequence, Threat Level, & Evaluation Criterial) is identified and entered into the RiskWatch application.

Stage 2 – Personnel that have the required knowledge of the organization’s processes, policies, and/or controls are identified and designated as Contacts in the application.

Stage 3 – Surveys access is distributed by the application via email to the Contacts identified in Stage 2 to evaluate the processes, policies, and or controls in place.

Stage 4 – Assessment is ready for analysis. Risk Scores are calculated based on Criticality, Consequence and Threat level from Stage 1 and a Gap Score based on the Survey results from Stage 3.

Stage 5 - Gaps are identified based on the survey results. Gap mitigation recommendations are given by the application Administrator.

Stage 6 – Remediation Tasks based on the Administrator’s recommendations (and/or recommendations provided by the Contacts) are assigned by the Administrator and managed by the application.

Stage 7 – Final Report is Generated by the application for review by Upper Management or Auditors.

RiskWatch product workflow.

If You Need Assistance with Implementation

After purchasing a RiskWatch platform, you may decide you would like some assistance implementing the solution into your current risk management or compliance program. Your success is our number one priority. We offer these services at an additional cost, and you are able to buy support in 4-hour groupings. RiskWatch offers support packages for every client’s unique needs. We can help you adapt and customize your RiskWatch product to make it seamlessly integrate with your current process by offering:

New Feature
Advice and

Your Content


One of the most important components of a RiskWatch product is the assessment content, metrics, and criteria. You will need to select question sets from our content library based on what you are assessing. Is it regulatory or industry compliance, enterprise risk, or supplier risk? Do you want to assess your organization’s security profile to standardized best practices? Maybe you want to assess each department or business unit’s compliance to your organization’s policies?


Each of these unique assessment types leverages survey questions from the RiskWatch content library. When you initiate your subscription, you will be asked to select the question sets that you will need to complete your assessments.

Survey Content Libraries

Adaptable to all industries

Comprehensive Survey Library

We offer 35 content libraries to suit your industry and generate your survey questions.


ISO 27001




Performing Mobile Assessments

Upload Your Own Survey Content

Using the upload template, you can add questions to the survey module that currently do not exist in the software. These can be from government regulations, industry standards, best practices, or your own policies. These can be easily added using your product’s bulk upload process where you simply fill in the details of your assessment questions into a spreadsheet template that is generated by the software. Then upload the file back into your RiskWatch platform.


Each question can be weighted so some can have a greater impact on your risk/compliance score than others. For example, your question asking if a facility has a perimeter fence may be weighted higher than your question asking if there is barbed wire at the top of the fence.


Questions are also mapped to vulnerabilities allowing you to determine where you where you are most vulnerable.


Using the Survey Roles and Facility Type filtering within the questions, you will be able to ensure that personnel only receive survey questions that are relevant to them and they are qualified to answer.


You can also customize the response types for each question. Standard responses include, yes/no, 1-10, control maturity level, text, file upload, and diary/journal response. Add your own custom forms and multiple choice response types.


Use the Control Standard field to give the survey respondent more clarity as to why the question is being asked, or give additional information about the regulation/standard/policy that the question refers to.

Reduce exposure to liability. Manage risk. Monitor and maintain security.

Track continuous improvement. Sign up for instant access to a free trial.

Professional email address to activate trial



RiskWatch products are a hosted solution on the web. The main objective of these tools are to save time and energy utilizing the power of internet to consolidate data from all the departments or resources working from different locations of the globe.


RiskWatch products are typically hosted on RiskWatch’s secure servers. They may also be hosted on your organization’s intranet infrastructure, for additional cost. For information regarding self-hosting RiskWatch products, contact RiskWatch support. If hosted in an intranet, they need access to an exchange server or an email server to send email notifications to their users.



Data between the customer’s browser and our server is encrypted using AES 256bit encryption. All information contained in the database has AES-256 encryption and PBE with MD5 & Triple DES, to which RiskWatch International controls the encryption key.This database is also backed up daily and sent to an offsite location in Amazon S3 where it is re-encrypted and stored for Disaster Recovery and Business Continuity.


Access to the software is password protected. You can configure password complexity requirements, expiration, max number of failed login attempts, and session length.